漏洞描述
CentreWare InternetServices是xerox(施乐)旗下打印机所配置的软件应用程序,允许用户从计算机通过网络浏览器显示、设置、更改参数及打印机的当前状态。存在未授权访问漏洞。攻击者可直接访问web端更改参数,监控打印机状态
xerox CentreWare Internet Services存在未授权访问
PoC代码
暂无相关漏洞推荐
- POC CVE-2025-61757: Oracle Identity Manager REST WebServices - Authentication Bypass
- CVE-2019-6340: Drupal 8 core RESTful Web Services RCE
- POC CVE-2018-2392: SAP Internet Graphics Server (IGS) - XML External Entity Injection
- POC CVE-2020-0618: Microsoft SQL Server Reporting Services - Remote Code Execution
- POC CVE-2021-24335: WordPress Car Repair Services & Auto Mechanic Theme <4.0 - Cross-Site Scripting
- POC CVE-2021-41569: SAS/Internet 9.4 1520 - Local File Inclusion
- POC CVE-2021-44529: Ivanti EPM Cloud Services Appliance Code Injection
- POC CVE-2021-46387: Zyxel ZyWALL 2 Plus Internet Security Appliance - Cross-Site Scripting
- POC CVE-2023-34124: SonicWall GMS and Analytics Web Services - Shell Injection
- POC CVE-2023-3722: Avaya Aura Device Services - OS Command Injection
- POC CVE-2024-0713: Monitorr Services Configuration - Arbitrary File Upload
- POC CVE-2024-8963: Ivanti Cloud Services Appliance - Path Traversal
- POC azure-keyvault-trusted-ms-unrestricted: Key Vault Trusted Microsoft Services Access Not Configured